The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section.
A computer platform is a particular set of hardware components or architectures, or software components or architectures. One computer platform can include one or more different processors, operating systems, displays, inputs, or other hardware or software components that another computer platform does not have. For example, a particular model of a mobile device may be a particular computer platform that includes one or more processors and an operating system designed to minimize the amount of power consumed while the mobile device is not actively being used by a user. A particular desktop model computer platform may include a plurality of high-performance, power-intensive processors configured to perform computationally expensive simulations.
A platform-specific application is an application that is specifically configured to be executed by a particular computer platform. The computer platform that a platform-specific application is specifically configured to be executed by may be referred to as a target platform. Platform-specific applications can be developed with one or more computer programming languages, such as Java, Objective-C, and Swift. After a platform-specific application is configured for a particular computer platform, copies of the platform-specific application can be downloaded or shared. A device or computer that has the particular computer platform can execute the platform-specific application.
A platform-specific application can include platform-specific features. For example, a first mobile device platform may comprise a first operating system (“OS”), GPS, and a wireless communication system. The first OS executing on the first mobile device platform may provide one or more first interfaces for a first platform-specific application to retrieve the current global position of the first mobile device and send the position data to a server computer.
A platform-specific application for a particular computer platform need not be compatible with another computer platform. For example, a second mobile device platform may comprise a second OS, GPS, and a wireless communication system. The second OS executing on the second mobile device platform may provide one or more second interfaces for a second platform-specific application to retrieve the current global position of the second mobile device and send the position data to the server computer. However, if the one or more first interfaces are different from the one or more second interfaces, then the first platform-specific application is not compatible with the second mobile device platform.
An emulator is software that can execute a platform-specific application by emulating the target computer platform even though the emulator may be executed by a different computer platform. For example, if a developer compiles source code to generate a platform-specific application for a target mobile device platform, then the developer can test the platform-specific application on the developer's desktop computer platform by executing an emulator on the desktop computer platform, and instructing the emulator to execute the compiled platform-specific application while emulating the target mobile device platform.
A server computer that receives data from a platform-specific application may be susceptible to attacks similar to those used against server computers that are hosting or serving data in response to one or more requests. For example, if a server computer receives location data over HyperText Transfer Protocol (“HTTP”) using a particular Uniform Resource Locator (“URL”) from one or more platform-specific applications, then the server computer may receive location data from an attacker sending false or fabricated location data over HTTP using the same particular URL.
Platform-specific applications for particular computer platforms, such as mobile devices, may not be executable by, or compatible with, other computer platforms, such as desktop computer platforms. So, attackers may resort to “manually” sending bad data to server computers via the platform-specific application. For example, an attacker may install and execute a platform-specific application on a target mobile device, input false data into one or more fields, and cause the platform-specific application to send a request that includes the bad data to the server computer.
Manually sending bad data or other malicious requests to a server computer can be time consuming and fail to impact the intended victim in a meaningful way. Furthermore, an attacker may not have access to the target computer platform for the platform-specific application that the attacker wants to exploit. Instead, an attacker can execute an emulator, such as ANDROID EMULATOR or THE SIMULATOR for IOS, on the attacker's desktop computer platform, and instruct the emulator to execute the platform-specific application while emulating the target computer platform. Furthermore, the attacker may use automation tools or scripts that simulate a user providing input into the platform-specific application, which then causes the platform-specific application being executed in the emulator to repetitively send a large number of requests with false data to the server computer. The server may determine that the requests are valid because the requests are from the platform-specific application. Accordingly, the server may process the malicious requests with false data.
Attackers may use emulators and automation tools to commit many types of unauthorized acts, crimes or computer fraud, such as content retrieval or scraping, credential stuffing, ratings manipulation, fake account creation, reserving rival goods attacks, ballot stuffing attacks, password snooping, vulnerability assessments, brute force attacks, click fraud, DDoS attacks, bidding wars, and system fingerprinting attacks. Server administrators and developers may wish to prevent malicious users from attacking a server using a platform-specific application, emulators, and automation tools, while allowing legitimate users to use the platform-specific application as intended. However, distinguishing requests generated by a legitimate user using a platform-specific application from requests generated by a malicious user using the platform-specific application may be difficult.